Chrome Pop-up Claims to be a Font Pack Update to Install Malware

It seems that some hackers have found a new way to trick users into installing malware on their devices. The new trick involves a fake Google Chrome font pack update that in fact installs malware on your computer.

This malware was discovered by Mahmoud Al-Qudsi from NeoSmart Technologies. According to reports, the hack was noticed on a compromised WordPress website. The malware uses JavaScript to change the text rendering on the page, so that the text resembles mis-encoded text, with symbols and other random characters, when it is displayed to the user.

The web content will look distorted, and a pop-up will appear saying that the font used was not found. It will then ask the user to download a Chrome font pack in order to fix the issue. As expected, once you install the “font pack”, you will get brand-new malware on your computer, which can allow the hacker to gain access to your personal information.

According to NeoSmart Technologies, the pop-up emulates the correct Google Chrome pop-up format in order to look as legitimate as possible. You will also notice that the Chrome logo is there, along with the shade of blue used for the “Update” button. The grammar is also flawless, which will most likely trick many users.

However, the message appears to be hard-coded to say that the user's browser version is Chrome 53, which means that someone who knows which Chrome version is installed on their computer will notice that something is wrong.

Once you click the “Update” button, you will download a file named “Chrome Font v7.5.1.exe”, and the pop-up message will give you more instructions on how you can install it on your computer.
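The two tells described above, the hard-coded "Chrome 53" claim and a "font" delivered as an .exe, can be checked mechanically. The following is an added example, not code from the article or from NeoSmart Technologies; the record field names and the pop-up wording are assumptions, and the sample records are constructed.

```python
import re

# Executable extensions; a real font is data and never ships as one of these.
EXECUTABLE_EXTS = (".exe", ".scr", ".msi", ".bat", ".cmd", ".vbs")
FONT_WORD = re.compile(r"\bfonts?\b", re.IGNORECASE)
UA_CHROME = re.compile(r"\bChrome/(\d+)\.")
CLAIMED_CHROME = re.compile(r"\bChrome\s+(?:version\s+)?(\d+)\b", re.IGNORECASE)

def ua_major(user_agent):
    """Major Chrome version from a User-Agent header, or None if absent."""
    m = UA_CHROME.search(user_agent)
    return int(m.group(1)) if m else None

def claimed_major(popup_text):
    """Major Chrome version that the pop-up text attributes to the user."""
    m = CLAIMED_CHROME.search(popup_text)
    return int(m.group(1)) if m else None

def triage(record):
    """Return the reasons a captured pop-up and download match the lure."""
    reasons = []
    name = record["download_name"]
    if FONT_WORD.search(name) and name.lower().endswith(EXECUTABLE_EXTS):
        reasons.append("font offered as executable")
    real = ua_major(record["user_agent"])
    claimed = claimed_major(record["popup_text"])
    if real is not None and claimed is not None and real != claimed:
        reasons.append(f"pop-up claims Chrome {claimed}, browser is Chrome {real}")
    return reasons

# Constructed records (hypothetical field names and pop-up wording); only the
# file name and the "Chrome 53" claim are taken from the article.
UA_56 = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
         "(KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36")
SAMPLE = [
    {"user_agent": UA_56,
     "popup_text": "The font was not found. Your browser: Chrome 53. Update now.",
     "download_name": "Chrome Font v7.5.1.exe"},
    {"user_agent": UA_56, "popup_text": "", "download_name": "Roboto-Regular.woff2"},
]

if __name__ == "__main__":
    for rec in SAMPLE:
        print(rec["download_name"], "->", triage(rec) or "no match")
```

The version check only fires when the real browser is not Chrome 53, so the executable-font check is the more reliable of the two signals.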

If you see this type of fake pop-up, we suggest that you close the website and report it.

